Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

have animalware doctor infection on XP system


  • This topic is locked This topic is locked
13 replies to this topic

#1 amyd913

amyd913

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 23 April 2011 - 12:36 PM

Have one of my home computers infected with animalware doctor (can't see the actual spelling on that 'puter). The various 'fake virus' screens are similar to the ones displayed in Grinler's description for REMOVE ANTIMALWARE TOOL. When I get into safe mode with networking (using F8), the only info. on the black screenm is 'safe mode' in each corner and a title line with Microsoft ® Windows ® (build 2600.xpsp_sp2_gdr.100216-1441: Service Pack 2). I know enough to be dangerous; need some handholding to get thorough the process. Amy D.

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Then post your DDS and GMER logs as a reply to this topic. Once you have done that I will remove my reply and consolidate the posts so that you retain your correct place in the queue.

If you can produce at least some of the logs, then please explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.


I click on the Preparation Guide for Use... and it keeps sending me to the identical page. I can tell you, when I log onto the infected computer, I only get the photo on the screen, no desktop icons. When I try to login in safe mode and select the 'save w/networking', I just get a blank 'safe mode' screen. Even if I DO get lots of lines on the black screen, can I copy them to a flash drive and put them into a forum msg.? The infected computer is at a friend's house and I need to be there to do this.

EDIT: Posts merged. In your case just skip the Preparation Guide for now. When one of our trained malware experts gets to your topic they will know what to do. ~Budapest

Edited by Budapest, 24 April 2011 - 03:07 PM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 01 May 2011 - 08:39 AM

Hi,

I'm not quite sure I understand? On the Preparation thread can you not download the tools linked, or can you not see the links in the topic?

Would you be at all capable of executing a file on the infected PC? Or would you be unable to see it?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 01 May 2011 - 10:15 AM

I've been able to print out the Preparation guide on MY (working) computer. I can only get as far as the infected computer to show the desktop photo. Thus, can't figure out how to open/download, etc. any files.

#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 01 May 2011 - 11:04 AM

Hi,

I think our best approach is going to be the use of a live-cd to fix the most basic problems and get it back to a working state before making sure it's clean with our "normal" tools.

Do you have a Windows XP CD with which we could make a Windows Live-CD? If not we can make a Linux Live-CD for free.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 01 May 2011 - 02:39 PM

I'll check to see if she has a Windows xp CD. Can you do a remote to the messed up computer? Is there anyway someone can work with me over the phone when I am online at that computer? I realize you are all volunteers and I may be asking for something WAY out of your perview. Our REAL concern: gettin the data off of the messed up computer...photos, docs, etc. She is rather ready for a new computer at this point.
I appreciate all your time and what you do for us neophytes! :-)))
Amy

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 01 May 2011 - 05:32 PM

Hi,

if we get the CD going (even if it is a linux CD) she has full access to PC, so that means she can back up all her data from the CD to an external hard drive or similar. (To back up the data, about any live-CD would do. Try for example the Ubuntu one. )

We do not offer remote or phone support, sorry. However I'm frequently in the BC-Chat and if you have a second PC to contact we could try a quicker/more interactive way of replying.
regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 01 May 2011 - 07:58 PM

Is a 'live-cd' the same as the 'DYNEX CD-R ulti-speed 80 min/700MB compatible' ones I have?

#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 02 May 2011 - 10:14 AM

Hi,

a live-cd is a CD from which you can boot an operating system. It will run on any PC.

We would create it together, for example following this guide:

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 02 May 2011 - 12:01 PM

Is is a special kind of CD or can I use these DYNEX ones I have here already??? If I have to by a special one, what do I actually look for???

#10 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 02 May 2011 - 12:06 PM

Just got word she has all the CDs that came with the infected computer. Is that good? I didn't want to attempt to run any just in case I erased all her data!
Me

#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 02 May 2011 - 04:01 PM

Hi,

any type of CD is fine, it does not noeed to be a special type of CD, just one where you can burn something onto. So the DYNEX ones should be fine.

If she has the CDs she can just reformat & reinstall everything after backing up her data. As it will overwrite everything on the PC. I am not aware of a way to backup data form a Windows-CD.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 amyd913

amyd913
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:24 AM

Posted 02 May 2011 - 08:16 PM

My problem: when I turn the infected computer on, I can't get anywhere except the picture up on the screen. Not even any desktop items. If I start it in safe mode, can I get to here data from there? Maybe save mode without selecting 'w/networking'? Just want to grab the data.

#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 03 May 2011 - 11:13 AM

Hi,

this really depends a lot on the infection.. I can't say from a distance, which is why I am giving you the broadest possible approach.

You can try simple safe mode, but I'm pretty sure it won't work.

Making said CD is easy and you can try if you can boot your PC with it before going over to hers, so that you can ask all questions before hand. I'll show you the instructions. Once you are on the CD, you can use it almost as if you were booted into her PC normally.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.

Once you have the CD, you need to do the following to boot from it;
  • Insert the CD-ROM into the CD-ROM drive, and then restart the computer.

  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
  • Your PC should now boot from your CD.
    Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

  • Once the PC is booted, you should see an interface with 4 options on the left, the third from the top is file, which will allow you to navigate through the contents of your PC. To turn the PC of, click on home and then on shut down.

Booting from a CD will not change anything on your PC and taking the CD out will lead to your PC booting normally as before.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:24 AM

Posted 12 May 2011 - 10:25 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users